Chapter 13. Securing Your System

System security is the application of configurations, software, policies, rules, and best practices to a system (whether it’s new or years old) so that the system operates without significant downtime due to security breaches and compromises. As a system administrator, security is your most important and time-consuming task.

This chapter concentrates on the prevention of security problems. Discovery and mitigation are briefly covered. You will learn how to secure both newly deployed systems and systems that have been in operation for years. No single treatment is comprehensive because new threats and vulnerabilities arise on what seems like a daily basis. You will learn how to apply basic security settings to your Linux systems. Because many larger companies have their own standards, the security settings I recommend are a good place to start, but you should always comply with corporate security protocols and policies.

Protecting the Root Account

The root user account is the all-powerful account on every Linux system, and you must protect access to it. If someone compromises this account, they can lock you out, destroy the system, steal data, or maintain control of it and use it to pivot to and compromise other systems within your network. Never write down or share the root password with anyone outside the system administrators group. If you use a database or other secure password manager to generate and store passwords, ensure that you exercise ...
